General
-
Target
1560-1-0x0000000000400000-0x0000000000430000-memory.dmp
-
Size
192KB
-
MD5
27f3a19e2987c5415ae5d68d9a7be3d7
-
SHA1
16344058c5a40a576f77ce119f05823e15b4f2e1
-
SHA256
cf2bef67678c6818414db16ba2463c0b17ae608eddec6acb8bbf6afb8215b8e5
-
SHA512
afd9db3d72afc7cc5e5bb569604e84eeac57f9248ac1008cc9168ed0fdac6e5389703b98c45d64da96a7a9d79f1d4ec1643ee271233dcf97d0c505696a78f9d7
-
SSDEEP
3072:U1D4EkRI04zgdKO+SVg1ibihE0I1yJnQJ58e8hb:U1GRI04zgd+ICE046QP
Score
10/10
Malware Config
Extracted
Family
redline
Botnet
040923_rc
C2
sept4em.tuktuk.ug:11290
Attributes
-
auth_value
47c23aee408443d5484756dcc468f53a
Signatures
-
Redline family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1560-1-0x0000000000400000-0x0000000000430000-memory.dmp
Headers
Sections